Highlighted
Absent Member.
Absent Member.
3539 views

invalid query hash in URL - may be a cracking attempt

I am sending the url to end users to view the interaction but after they log in they get the error "invalid query hash in URL - may be a cracking attempt"
Can any one help?

Regards,
Rajnee
0 Likes
13 Replies
Highlighted
Absent Member.
Absent Member.

Screen shots attached
0 Likes
Highlighted
Absent Member.. Absent Member..
Absent Member..

Search online help (Help Server). This is explained there.
You need to update some parameters in the web.xml file to allow the URL's to function or disable the hash security.
----------------------------------------------------
Kudos - what, where, how, and why
Want Good Answers? Ask Good Questions...
0 Likes
Highlighted
Absent Member.
Absent Member.

Hi John,
Thanks for the quick response. I have already check the help and have made necessary changes to web.xml and System Info record.
0 Likes
Highlighted
Absent Member.. Absent Member..
Absent Member..

This has come up several times before on the forum--you might want to search for an existing thread. If I remember correctly, however, most people disable the hash to get the links working.
----------------------------------------------------
Kudos - what, where, how, and why
Want Good Answers? Ask Good Questions...
0 Likes
Highlighted
Outstanding Contributor.. Outstanding Contributor..
Outstanding Contributor..

What your SM version?
0 Likes
Highlighted
Absent Member.
Absent Member.

/my SM version is 7.11

Dear Ramesh,

We are using Horizontal scaling on two servers with two webservers one on each server, we also have Third Party (IDAM) SSO.

We have gone though the HP Support Knowledge base in self-search and found two KM Documents for similar issue:
1. KM780880 - Fix mentioned in this document is to disable "SSLConnector:1" from sm.ini. We cannot disable this as it is being used for SSO.
2. KM754060 - Fix is to enter case sensitive ServerHost entry in web.xml, which is already configured in our server as per the recommendation.
0 Likes
Highlighted
Absent Member.
Absent Member.

Hi Rajnee,

you need to disable hash key. To do this:

1) add following parameter in sm.ini file:

querysecurity:0

2) change the value of querysecurity from true to false:

querySecurity
false

3) Restart HPSM and Web server.

4) Regenerate the URL again.

The new URL will take you to the search window where you can enter the ticket number and search.

Hope this helps !!

Regards,
Akhil
0 Likes
Highlighted
Absent Member.
Absent Member.

I will try it out. But we do not want the users to search..
0 Likes
Highlighted
Absent Member.
Absent Member.

Try with this to resolve your current issue (as mentioned in the thread)first.

Regards,
Akhil
0 Likes
Highlighted
Absent Member.
Absent Member.

Someone succeed to do it?

It seem to be a feature that never worked correctly. In all post, the only fixe that worked is to disable the security, but i can't do that.

We use a load balancer. It seem that the feature is made to work when everything in the world run on the same server i guess, ...

Someone from HP give me a hint with a parameter queryhashcode to put in sm.ini, but tried to put many things in it and didn't succeed.
0 Likes
Highlighted
Absent Member.
Absent Member.

queryhashcode:your.server.com:port

That is what you have to put in the sm.ini

Hope it helps.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.